c689772d9f1133452ddec6f320cac297f2ade107db04bf08955bde1b283a27ef | Triage

Submit
Reports

Overview

overview

1

Static

static

c689772d9f...ef.dll

windows7-x64

1

c689772d9f...ef.dll

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c689772d9f1133452ddec6f320cac297f2ade107db04bf08955bde1b283a27ef.dll

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

c689772d9f1133452ddec6f320cac297f2ade107db04bf08955bde1b283a27ef.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c689772d9f1133452ddec6f320cac297f2ade107db04bf08955bde1b283a27ef
Size

65KB
MD5

048c028f64db088abbc6d71d16c99357
SHA1

a4e63c79c5dd9e15cf3264cb5ba418a5394a1177
SHA256

c689772d9f1133452ddec6f320cac297f2ade107db04bf08955bde1b283a27ef
SHA512

1dcd19faccd34d26984bbe43c22076faf83488504bcef60b69d2a50e179eb3d3c7823286f3206e81daf69a623a3cdd8d8ca4420d4fc71ccd0a5f9d3e01bf69ca
SSDEEP

768:+skiD+S+Maf95wUoSuFcTT0c7yKeQg1LI1288m70t8+Tng6b/S+f+YASMEPF31vs:RD+Ka7hn0c7pePxII2wPjx1vLbYAg

Score

N/A

Malware Config

Signatures

Files

c689772d9f1133452ddec6f320cac297f2ade107db04bf08955bde1b283a27ef
.dll windows x86

2881bb60e6601ab7370387d91c14aff6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExNotifyCallback
CcUnpinDataForThread
ExGetSharedWaiterCount
PoSetPowerState
PoRegisterSystemState
KeResetEvent
ExAcquireResourceSharedLite
RtlEqualString
RtlAddAccessAllowedAceEx
RtlCompareString
RtlInitString
RtlEqualUnicodeString
FsRtlAllocateFileLock
KeInitializeDpc
IoCancelIrp
KeInsertQueueDpc
KeInsertDeviceQueue
PoSetSystemState
SeOpenObjectAuditAlarm
IoGetDeviceInterfaceAlias
RtlUnicodeStringToAnsiString
RtlIntegerToUnicodeString
ZwCreateKey
strcat
RtlUpperChar
IoReuseIrp
RtlInitUnicodeString

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1024B - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy